VDB
GCVE-110-MAGEIA-2015-263
GCVE-110-MAGEIA-2015-263
Advisory Published
libcurl can wrongly send HTTP credentials when re-using connections. Even
if the handle for an HTTP connection is reset, it retains the credentials,
which can cause them to be unintentionally leaked in subsequent requests
(CVE-2015-3236).
libcurl can get tricked by a malicious SMB server to send off data it did
not intend to. A malicious SMB server can use this to access arbitrary
process memory, or to crash the client, causing a denial of service
(CVE-2015-3237).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | curl | 0 (affected), 7.40.0-3.1.mga5 (unaffected) | — |
Browse GCVE Records
72,664 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.